0P3N Blog Blog Post
Ready to Start Your Career?
Create Free Account
By: bachan
March 27, 2017

R.U.D.Y.

By: bachan
March 27, 2017
By: bachan
March 27, 2017
rudyHello Cybrarians!I think all of you would be familiar with Mr. Robot, or at least know that it is a television series. Anyway, I noticed while watching Mr. Robot, that Eliot recognized an attack, name RUDY.RUDY stands for R U Dead Yet? It is a slow and low rate, application layer exploitation tool. When an attacker uses the rudy tool, it sends a legitimate HTTP POST request with an abnormally long 'content-length' header field and then it starts injecting the form with information, one byte-sized packet at a random time and generates a few thousand requests. By sending numerous small packets, at a very slow rate, R.U.D.Y. creates a massive backlog of application threads, while the long ‘'Content-Length’ field prevents the server from closing the connection.Eventually, the number and length of open sessions exhaust the target’s resources, making it unavailable to legitimate traffic. It is a form of Denial of Service attack. Here a video where you can understand more specifically what the attack is:

Do you like to write about your infosec knowledge, skills, opinions, or exploits?

Blog Icon

Publish your original research, tutorials, articles, or other written content on Cybray's blog to be seen by thousands of infosec readers daily!

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry